create-mantiq 0.5.19 → 0.5.20

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-mantiq",
-  "version": "0.5.19",
+  "version": "0.5.20",
   "description": "Scaffold a new MantiqJS application",
   "type": "module",
   "license": "MIT",

package/skeleton/tests/feature/api.test.ts

@@ -0,0 +1,14 @@
+import { describe, test } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+
+const t = new TestCase()
+t.setup()
+
+describe('API', () => {
+  test('GET /api/ping returns ok', async () => {
+    const res = await t.client.get('/api/ping')
+    res.assertOk()
+    await res.assertJson({ status: 'ok' })
+    await res.assertJsonHasKey('timestamp')
+  })
+})

package/skeleton/tests/feature/home.test.ts

@@ -0,0 +1,17 @@
+import { describe, test } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+
+const t = new TestCase()
+t.setup()
+
+describe('Home', () => {
+  test('GET / returns 200', async () => {
+    const res = await t.client.get('/')
+    res.assertOk()
+  })
+
+  test('GET / returns HTML', async () => {
+    const res = await t.client.get('/')
+    res.assertHeader('content-type')
+  })
+})

package/skeleton/tests/unit/example.test.ts

@@ -0,0 +1,11 @@
+import { describe, test, expect } from 'bun:test'
+
+describe('Example', () => {
+  test('true is truthy', () => {
+    expect(true).toBe(true)
+  })
+
+  test('math works', () => {
+    expect(1 + 1).toBe(2)
+  })
+})

package/src/index.ts

@@ -203,6 +203,7 @@ if (kit) {
     { stub: 'shared/app/Http/Requests/UpdateUserRequest.ts.stub', target: 'app/Http/Requests/UpdateUserRequest.ts' },
     { stub: 'shared/database/seeders/DatabaseSeeder.ts.stub', target: 'database/seeders/DatabaseSeeder.ts' },
     { stub: 'shared/database/factories/UserFactory.ts.stub', target: 'database/factories/UserFactory.ts' },
+    { stub: 'api-only/tests/feature/token-auth.test.ts.stub', target: 'tests/feature/token-auth.test.ts' },
   ]
   for (const { stub, target } of apiOnlyFiles) {
     const src = resolve(stubsDir, stub)

package/src/templates.ts

@@ -40,6 +40,7 @@ export function getTemplates(ctx: TemplateContext): Record<string, string> {
   }
 
   const baseDevDeps: Record<string, string> = {
+    '@mantiq/testing': '^0.5.0',
     'bun-types': 'latest',
     'typescript': '^5.7.0',
   }
@@ -48,6 +49,7 @@ export function getTemplates(ctx: TemplateContext): Record<string, string> {
     dev: 'bun run --watch index.ts',
     start: 'bun run index.ts',
     mantiq: 'bun run mantiq.ts',
+    test: 'bun test tests/',
   }
 
   if (ctx.kit) {

package/stubs/api-only/tests/feature/token-auth.test.ts.stub

@@ -0,0 +1,69 @@
+import { describe, test, expect } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+
+const t = new TestCase()
+t.refreshDatabase = true
+t.setup()
+
+const user = {
+  name: 'API User',
+  email: 'api@example.com',
+  password: 'password123',
+}
+
+describe('Token Authentication', () => {
+  test('can register and receive a token', async () => {
+    const res = await t.client.post('/api/register', user)
+    res.assertCreated()
+    await res.assertJsonHasKey('token')
+    const data = await res.json()
+    expect(data.token).toContain('|')
+  })
+
+  test('can login and receive a token', async () => {
+    await t.client.post('/api/register', user)
+    const res = await t.client.post('/api/login', {
+      email: user.email,
+      password: user.password,
+    })
+    res.assertOk()
+    await res.assertJsonHasKey('token')
+  })
+
+  test('cannot login with wrong credentials', async () => {
+    await t.client.post('/api/register', user)
+    const res = await t.client.post('/api/login', {
+      email: user.email,
+      password: 'wrong',
+    })
+    res.assertUnauthorized()
+  })
+
+  test('can access protected route with bearer token', async () => {
+    const regRes = await t.client.post('/api/register', user)
+    const { token } = await regRes.json()
+
+    t.client.withToken(token)
+    const res = await t.client.get('/api/user')
+    res.assertOk()
+    await res.assertJsonPath('user.email', user.email)
+  })
+
+  test('cannot access protected route without token', async () => {
+    const res = await t.client.get('/api/user')
+    res.assertUnauthorized()
+  })
+
+  test('can logout (revoke token)', async () => {
+    const regRes = await t.client.post('/api/register', user)
+    const { token } = await regRes.json()
+
+    t.client.withToken(token)
+    const logoutRes = await t.client.post('/api/logout')
+    logoutRes.assertOk()
+
+    // Token should be revoked
+    const userRes = await t.client.get('/api/user')
+    userRes.assertUnauthorized()
+  })
+})

package/stubs/manifest.json

@@ -1430,6 +1430,14 @@
       {
         "stub": "config/vite.ts.stub",
         "target": "config/vite.ts"
+      },
+      {
+        "stub": "tests/feature/auth.test.ts.stub",
+        "target": "tests/feature/auth.test.ts"
+      },
+      {
+        "stub": "tests/feature/users.test.ts.stub",
+        "target": "tests/feature/users.test.ts"
       }
     ],
     "placeholders": {

package/stubs/shared/tests/feature/auth.test.ts.stub

@@ -0,0 +1,69 @@
+import { describe, test, beforeAll } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+
+const t = new TestCase()
+t.refreshDatabase = true
+t.setup()
+
+const user = {
+  name: 'Test User',
+  email: 'test@example.com',
+  password: 'password123',
+}
+
+describe('Authentication', () => {
+  test('can register a new user', async () => {
+    await t.client.initSession()
+    const res = await t.client.post('/register', user)
+    res.assertCreated()
+    await res.assertJson({ message: 'Registered.' })
+    await res.assertJsonMissingKey('password')
+    await t.assertDatabaseHas('users', { email: user.email })
+  })
+
+  test('cannot register with duplicate email', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    const res = await t.client.post('/register', user)
+    res.assertUnprocessable()
+  })
+
+  test('can login with valid credentials', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    t.client.flushCookies()
+
+    await t.client.initSession()
+    const res = await t.client.post('/login', {
+      email: user.email,
+      password: user.password,
+    })
+    res.assertOk()
+    await res.assertJson({ message: 'Logged in.' })
+  })
+
+  test('cannot login with wrong password', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    t.client.flushCookies()
+
+    await t.client.initSession()
+    const res = await t.client.post('/login', {
+      email: user.email,
+      password: 'wrong',
+    })
+    res.assertUnauthorized()
+  })
+
+  test('can logout', async () => {
+    await t.client.initSession()
+    await t.client.post('/register', user)
+    const logoutRes = await t.client.post('/logout')
+    logoutRes.assertOk()
+  })
+
+  test('protected routes require authentication', async () => {
+    const res = await t.client.get('/api/users')
+    res.assertUnauthorized()
+  })
+})

package/stubs/shared/tests/feature/users.test.ts.stub

@@ -0,0 +1,90 @@
+import { describe, test } from 'bun:test'
+import { TestCase } from '@mantiq/testing'
+
+const t = new TestCase()
+t.refreshDatabase = true
+t.setup()
+
+const admin = {
+  name: 'Admin',
+  email: 'admin@example.com',
+  password: 'password123',
+}
+
+/** Register and login before CRUD tests. */
+async function login() {
+  await t.client.initSession()
+  await t.client.post('/register', admin)
+}
+
+describe('Users CRUD', () => {
+  test('can list users', async () => {
+    await login()
+    const res = await t.client.get('/api/users')
+    res.assertOk()
+    await res.assertJsonHasKey('data', 'meta')
+    await res.assertJsonPath('meta.page', 1)
+  })
+
+  test('can create a user', async () => {
+    await login()
+    const res = await t.client.post('/api/users', {
+      name: 'New User',
+      email: 'new@example.com',
+      password: 'secret123',
+    })
+    res.assertCreated()
+    await res.assertJsonPath('data.name', 'New User')
+    await res.assertJsonPath('data.email', 'new@example.com')
+    await t.assertDatabaseHas('users', { email: 'new@example.com' })
+  })
+
+  test('cannot create user with missing fields', async () => {
+    await login()
+    const res = await t.client.post('/api/users', { name: 'No Email' })
+    res.assertUnprocessable()
+  })
+
+  test('can update a user', async () => {
+    await login()
+    const createRes = await t.client.post('/api/users', {
+      name: 'Update Me',
+      email: 'update@example.com',
+      password: 'secret123',
+    })
+    const userId = (await createRes.json()).data.id
+
+    const res = await t.client.put(`/api/users/${userId}`, { name: 'Updated' })
+    res.assertOk()
+    await res.assertJsonPath('data.name', 'Updated')
+  })
+
+  test('can delete a user', async () => {
+    await login()
+    const createRes = await t.client.post('/api/users', {
+      name: 'Delete Me',
+      email: 'delete@example.com',
+      password: 'secret123',
+    })
+    const userId = (await createRes.json()).data.id
+
+    const res = await t.client.delete(`/api/users/${userId}`)
+    res.assertOk()
+    await t.assertDatabaseMissing('users', { email: 'delete@example.com' })
+  })
+
+  test('can search users', async () => {
+    await login()
+    const res = await t.client.get('/api/users?search=Admin')
+    res.assertOk()
+    const data = await res.json()
+    expect(data.data.length).toBeGreaterThan(0)
+  })
+
+  test('can paginate users', async () => {
+    await login()
+    const res = await t.client.get('/api/users?page=1&per_page=1')
+    res.assertOk()
+    await res.assertJsonPath('meta.per_page', 1)
+  })
+})